Hi, I currently have 2 physical domain controllers / 1 physical server 2008 machine that has no roles / features yet - and 1 virtual machine that is server 2008 r2 (1 gb ram) I need to install an issuing certificate authority on one of them and also i need to install exchange server and sql server on the machines - the way i was going to do it like this... have the issuing CA go on the virtual 2008 r2 machine that is empty. put exhange on the physical 2008 machine. have the sql server on the domain controller. is this the best way - baring in mind I have to really either have exhange or sql on the domain controller. My reasoning is the virtual machine isnt going to be able to handle a big thing like sql or exhange? How would you arrange these roles? Thank you if you can help Timez82

Hello, "I currently have 2 physical domain controllers / 1 physical server 2008 machine that has no roles / features yet - and 1 virtual machine that is server 2008 r2 (1 gb ram)" So do you have 1 physical and a virtual or or 2 physical and 1 virtual, your statement is confusing. A DC should only be used for AD/DNS/GC and if no other machine is available for DHCP(with elevated security), that's it. NONE other appications should run on them. " need to install an issuing certificate authority on one of the..." CA on a DC is not recommended from Micorosft and should also run on member servers in a domain. "...also i need to install exchange server and sql server on the machines " Both options are also not recommended, even not from Microsoft, SQL and Exchange should always run on member servers and NOT on DCs. If you run them on DCs and have to restore a DC you run into major problems with Exchange and SQL afterwards. So don't do it. So please rethink your design complete.Best regards Meinolf Weber Disclaimer: This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.

I have 2 domain controllers that are on - PHYSICAL MACHINES I have a member server on a - PHYSICAL MACHINE so that is 3 phsycial machines - 2 of which are DC's and 1 of which that is just a member server. 1 Virtual Machine that is a member server. so i have 3 phsycal machines - 2 of which are domain controllers and 1 is a memeber server - and i have a virtual member server as well. (as a server with no roles or features isnt a domain controller....) anyway... i know they are not reccomended but i have no choice i need all these things on the network and that is all i have computer wise... so which would be the best one out of the lot to put on a DC? I know none are reccomended - that doesnt help me. without help from here im gonna have to just guess which one and i really didnt wanna do that. it has to be one of them. (might have to be the issuing CA then if i really cant put exchange or sql on a DC?) - like i say something out of those has to go on a domain controller. Timez

Hello, kick out one physical DC and make the VM DC instead, that way you have 2 member servers with hopefully enough RAM and can install SQL on one and Exchange on the other. Running the CA on SQL or Exchange, if not another VM can build, i would ask on the following forum: CA: http://social.technet.microsoft.com/Forums/en/winserversecurity/threads Exchange: http://social.technet.microsoft.com/forums/en-US/category/exchangeserver/ Is the VM runing on Hyper-V and do you use Enterprise edition? Best regards Meinolf Weber Disclaimer: This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.